//package com.example.cert;
//
//import org.bouncycastle.asn1.x500.X500Name;
//import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
//import org.bouncycastle.cert.X509CertificateHolder;
//import org.bouncycastle.cert.X509v3CertificateBuilder;
//import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
//import org.bouncycastle.operator.ContentSigner;
//import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
//import org.bouncycastle.pkcs.PKCS12PfxPdu;
//import org.bouncycastle.pkcs.jcajce.JcaPKCS12KeyStoreBuilder;
//
//import java.io.FileOutputStream;
//import java.math.BigInteger;
//import java.security.KeyPair;
//import java.security.KeyPairGenerator;
//import java.security.PrivateKey;
//import java.security.cert.X509Certificate;
//import java.util.Date;
//
//public class PKCS12Example {
//
//    public static void main(String[] args) throws Exception {
//        // 生成密钥对
//        KeyPair keyPair = generateKeyPair();
//
//        // 创建自签名X.509数字证书
//        X509Certificate certificate = generateSelfSignedCertificate(keyPair);
//
//        // 生成PKCS#12文件
//        char[] keystorePassword = "your_keystore_password".toCharArray(); // 替换为你的密码
//        String p12FilePath = "your_certificate.p12"; // 替换为你的文件路径
//
//        generatePKCS12File(certificate, keyPair.getPrivate(), keystorePassword, p12FilePath);
//    }
//
//    // 生成密钥对
//    public static KeyPair generateKeyPair() throws Exception {
//        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
//        keyPairGenerator.initialize(2048); // 选择密钥长度
//        return keyPairGenerator.generateKeyPair();
//    }
//
//    // 创建自签名X.509数字证书
//    public static X509Certificate generateSelfSignedCertificate(KeyPair keyPair) throws Exception {
//        // 构建证书请求者和颁发者信息
//        X500Name subjectName = new X500Name("CN=SelfSignedCertificate");
//        X500Name issuerName = subjectName; // 自签名证书，颁发者与请求者相同
//
//        // 证书有效期
//        Date startDate = new Date();
//        Date endDate = new Date(System.currentTimeMillis() + 365L * 24 * 60 * 60 * 1000); // 有效期一年
//
//        // 证书序列号
//        BigInteger serialNumber = BigInteger.valueOf(System.currentTimeMillis());
//
//        // 使用Bouncy Castle创建X.509证书构建器
//        X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(
//                issuerName,
//                serialNumber,
//                startDate,
//                endDate,
//                subjectName,
//                SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded())
//        );
//
//        // 使用SHA256withRSA算法进行签名
//        ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256withRSA").build(keyPair.getPrivate());
//
//        // 构建X.509数字证书
//        X509CertificateHolder certificateHolder = certificateBuilder.build(contentSigner);
//
//        // 将X.509证书转换为Java X.509证书
//        return new JcaX509CertificateConverter().getCertificate(certificateHolder);
//    }
//
//    // 生成PKCS#12文件
//    public static void generatePKCS12File(X509Certificate certificate, PrivateKey privateKey, char[] keystorePassword, String filePath) throws Exception {
//        // 创建PKCS#12存储
//        JcaPKCS12KeyStoreBuilder pkcs12KeyStoreBuilder = new JcaPKCS12KeyStoreBuilder();
//        pkcs12KeyStoreBuilder.setKeyEntry("privateKeyAlias", privateKey, keystorePassword, new X509Certificate[]{certificate});
//
//        // 构建PKCS#12 PDU
//        PKCS12PfxPdu pfxPdu = pkcs12KeyStoreBuilder.build(new JcePKCSPBEKeyEncryptionMethodGenerator(keystorePassword));
//
//        // 将PKCS#12 PDU写入文件
//        try (FileOutputStream fos = new FileOutputStream(filePath)) {
//            fos.write(pfxPdu.getEncoded());
//        }
//
//        System.out.println("PKCS#12文件已生成：" + filePath);
//    }
